Greetings,
I am having problems trying to map the following events from a Fortinet
firewall to /Net/Fortinet:
date=2007-01-30 time=10:25:12 devname=int-fw1_XXX device_id=FGXXXXXXXXXXXXXX
log_id=0104032006 type=event subtype=admin pri=emergency vd=root msg="Log disk
is at 95% full.System will overwrite old logs once passed 95%."
date=2007-01-30 time=11:28:06 devname=int-fw1_XXX device_id=FGXXXXXXXXXXXXX
log_id=0104032009 type=event subtype=admin pri=alert vd=root user=xxxx
ui=GUI(10.X.X.X) action=login status=failure reason=none msg="User xxxx login
failed from GUI(10.X.X.X)"
I do not get an error on the Events screen, but when I go to
/Events/Net/Fortinet, there is nothing under Classes or Mappings.
I tailed the logs directory while I was doing this, and this is all I saw in
the Z2.log:
10.X.X.X - Anonymous [30/Jan/2007:12:05:44 -0400] "POST /zport/dmd/Events
HTTP/1.1" 200 46020 "http://xxx.xxx:8080/zport/dmd/Events"; "Mozilla/5.0
(Windows; U; Windows NT 5.1; en-US; rv:1.8.1.1) Gecko/20061204 Firefox/2.0.0.1"
10.X.X.X - Anonymous [30/Jan/2007:12:05:44 -0400] "GET
/zport/dmd/ZenEventManager/getJSONEventsInfo HTTP/1.1" 204 150
"http://xxx.xxx:8080/zport/dmd/Events"; "Mozilla/5.0 (Windows; U; Windows NT
5.1; en-US; rv:1.8.1.1) Gecko/20061204 Firefox/2.0.0.1"
Let me know if there is more info you would need.
thanks
____________________________________________________________________________________
Need a quick answer? Get one in minutes from people who know.
Ask your question on www.Answers.yahoo.com
_______________________________________________
zenoss-users mailing list
[email protected]
http://lists.zenoss.org/mailman/listinfo/zenoss-users
